/*
 * =====================================================================================
 *
 *       Filename:  allowList.h
 *
 *    Description:  Allowed package list.
 *
 *        Version:  1.1
 *        Created:  02/04/2020 17:56:17 PM
 *        Updated:  11/27/2020 17:56:17 PM
 *       Compiler:  arm/g++
 *
 *        Company:  Samsung Electronics
 *
 *        Copyright (c) 2020 by Samsung Electronics, All rights reserved.
 *
 * =====================================================================================
 */

#ifndef __ALLOW_LIST_H__
#define __ALLOW_LIST_H__

int ROOT_UID                  = 0;
int KEYSTORE_UID               = 1017;
int SYSTEM_UID                = 1000;
int USER_UID                  = -9999;
int PER_USERID_RANGE          = 100000;

int PERM_NOTHING              = 0x000;
int PERM_EXIST_DRK            = 0x001;
int PERM_GET_UID              = 0x002;
int PERM_CREATE_SERVICE_KEY   = 0x004;
int PERM_PSEUDO_AT_CMD        = 0x008;
int PERM_GET_DRK_CERT         = 0x010;
int PERM_SELF_TEST_SERV_BLOB  = 0x020;
int PERM_SEND_BIGDATA         = 0x040;
int PERM_GET_DEVICE_INFO      = 0x080;
int PERM_ALLOW_SPAY           = 0x100;
int PERM_FACTORY_CMD          = 0x1000;
int PERM_LIMIT                = PERM_EXIST_DRK | PERM_GET_UID;
int PERM_DEFAULT              = PERM_LIMIT | PERM_CREATE_SERVICE_KEY | PERM_GET_DRK_CERT | PERM_GET_DEVICE_INFO;
int PERM_ALL                  = PERM_DEFAULT | PERM_PSEUDO_AT_CMD | PERM_SELF_TEST_SERV_BLOB | PERM_FACTORY_CMD;

typedef struct _wl_item {
    char packageName[PACKAGE_NAME_LEN];
    int  uid;
    int  perm;
} WL_ITEM;

WL_ITEM allowlist [] = {
#ifndef USE_RELEASE
    { "pseudoAtCmd", ROOT_UID, PERM_ALL},
    { "/data/sem", ROOT_UID, PERM_DEFAULT},
    //{ "testMLDAP", ROOT_UID, PERM_DEFAULT},
    { "/data/skpm", ROOT_UID, PERM_DEFAULT},
    { "com.sec.selftest.drk", SYSTEM_UID, PERM_ALL},
    { "qsee-lib-test", ROOT_UID, PERM_DEFAULT},
#endif
    { "system_server", SYSTEM_UID, PERM_DEFAULT },
    // Requester : pai2.peng, r.kadir in MPS Lab-B2B Engineering
    // Usage : Payment framework app(preloaded) at non-Verizon devices.
    { "com.samsung.android.spayfw",             USER_UID, PERM_DEFAULT | PERM_ALLOW_SPAY},
    // Requester : pai2.peng, r.kadir in MPS Lab-B2B Engineering
    // Usage : Payment framework app(not preloaded) at Verizon devices.
    { "com.samsung.android.spayfw",             SYSTEM_UID, PERM_DEFAULT},
    // Requester : kihpaul in Payment Service Group
    // Usage : Small Payments Service through the Samsung Pay App at the Korea.
    { "com.samsung.android.spay",               USER_UID,   PERM_DEFAULT | PERM_ALLOW_SPAY},
    // Requester : kihpaul in Payment Service Group
    // Usage : Small Payments Service through the Samsung Pay App at the Korea.
    { "com.samsung.android.spaylite",           USER_UID,   PERM_DEFAULT | PERM_ALLOW_SPAY},
    // Requester : kihpaul in Payment Service Group
    // Usage : Small Payments Service through the Samsung Pay App at the India.
    { "com.samsung.android.spaymini",           USER_UID,   PERM_LIMIT },
    // Requester : sijun.cho in Mobile Security Technology Group
    // Usage : Authentication between virtual SIM module and server.
    // History : 1) Changed name from "com.android.samsung.softsim" to "com.samsung.android.globalroaming".
    //           2) Changed name from "com.samsung.android.globalroaming" to "com.samsung.android.softsim".
    { "com.samsung.android.softsim",            SYSTEM_UID, PERM_DEFAULT},
    // Requester : jh7946.park in Multimedia R&D Group.
    // Usage : Samsung Pass Service ( integrated mobile FIDO system )
    // Remove : Replaced to SemAuthnrService(com.samsung.android.authnrservice.service.SemAuthnrService) in system_server. - 2017.11.27
    // mJavaPkgAllowList.add("com.samsung.android.authservice", Process.SYSTEM_UID);
    // Requester : m.ma in SRC-B.
    // Usage : SSKDS Service ( setup ATTK(Attestation key for Soter/Tiger) )
    { "com.samsung.android.sskds",              SYSTEM_UID, PERM_DEFAULT},
    // Requester : sy815.choi in Enterprise Service Group.
    // Usage : Make signature at ICCC(Integrity Control Check Center).
    { "com.android.server.IcccManagerService",  SYSTEM_UID, PERM_DEFAULT},
#ifdef DEVICE_CATEGORY_PHONE
    // Requester : yj0221.choi in Payment Service Group.
    // Usage: Get UID to build unique UID for Samsung Pay (Gear plugin) application.
    { "com.samsung.android.samsungpay.gear",    USER_UID,   PERM_LIMIT},
#else
    // Requester : yj0221.choi in Payment Service Group.
    // Usage: Get UID to build unique UID for Samsung Pay (Gear plugin) application.
    { "com.samsung.android.samsungpay.gear",    SYSTEM_UID, PERM_DEFAULT},
#endif    
    // Requester : kwangsik in Biz Solution Development Group.
    // Usage : HDM solution
    { "com.android.server.enterprise.hdm",      SYSTEM_UID, PERM_DEFAULT},
    // Requester : Chuly Tran  in B2B Service Group.
    // Usage : Knox Guard solution
    { "com.samsung.android.kgclient",           SYSTEM_UID, PERM_DEFAULT},
    // Requester : SungHwan Chung  in Flagship Product S/W Project Leader Group.
    // Usage : PIMT to verify DRK exists
    { "com.samsung.InputEventApp",              SYSTEM_UID, PERM_LIMIT},
    // Requester : sh0317.cho in Mobile Security Technology Group.
    // Usage : Get certificate for secure element.
    { "/system/bin/sem_daemon",                 SYSTEM_UID, PERM_DEFAULT},
    // Requester : inmyung.choi in Multimedia R&D Group.
    // Usage : SOTER(WeChat fingerprint authentication)  attestation key generation.
    // Remove : Replaced to TigerSskdsService(com.samsung.android.service.TigerSskdsService) in system_server. - 2017.12.21. jk.huang.
    // mNativeProcessAllowList.add("/system/bin/TigerService", Process.SYSTEM_UID);
    // Requester : quocdat.ng in SEV-Mobile Solutions P
    // Usage : Get service key for MirrorLink attestation.
    { "TmsService.Process",                     SYSTEM_UID, PERM_DEFAULT},
    // Requester : varghese.a in SRI-Bangalore-Knox SolutionSRI-Bangalore-Knox Solution
    // Usage : Get service key for downloadable keystore - KNOX CCM.
    //         It is replaced for ccm_gen_cert.
    { "com.sec.downloadablekeystore",           SYSTEM_UID, PERM_DEFAULT},
    // Requester : sh0317.cho in Mobile Security Technology Group.
    // Usage : get skpm service key for IOT key-provisioning on OTA.
    { "com.skms.android.agent:remote",          SYSTEM_UID, PERM_DEFAULT},

    // Requester : swon83.jeong in Mobile Security Technology Group.
    // Usage : Sign the information of device activation in China.
    { "com.samsung.android.activation",         SYSTEM_UID, PERM_DEFAULT},
    // Requester : jeong.il.kim in Mobile Security Technology Group.
    // Usage : Send keystore attestation information to context framework.
#ifdef USE_KEYSTORE2
    { "/system/bin/keystore2",                  KEYSTORE_UID, PERM_LIMIT | PERM_GET_DEVICE_INFO},
#else
    { "/system/bin/keystore",                   KEYSTORE_UID, PERM_LIMIT | PERM_GET_DEVICE_INFO},
#endif
    // Requester : hanjae.jeong in Mobile Security Technologies Group.
    // Usage : Sign the sim unlock information
    { "/system/bin/ssud",                       SYSTEM_UID, PERM_DEFAULT},
    // Requester : dh3s.choi in Mobile Security Technologies Group.
    // Usage : Attestation
    { "/system/bin/rsudrkproxyd",               SYSTEM_UID, PERM_DEFAULT},
    // Requester : Key Verifier team.
    // Usage : Get DRK's status at Key verifier.
    { "com.sec.keyverifier",                    SYSTEM_UID, PERM_LIMIT },
    // Requester : hanjea jeong in Security team.
    // Usage : TMF Service
    { "com.samsung.sec.teegris.tmf_service",    SYSTEM_UID, PERM_DEFAULT},
    // Requester : d.spichanok  in B2B R&D Group.
    // Usage : SNAP Security Project (KFA)
    {"com.samsung.android.app.kfa",             USER_UID,   PERM_DEFAULT},
    // Requester : kwangsik, ys0801.hwang in B2B R&D Group.
    // Usage : mobile POS service
    {"com.android.server.enterprise.mpos.MPOSService",   SYSTEM_UID,   PERM_DEFAULT}
};

#endif  // End of __ALLOW_LIST_H__